VIR Vulnerability Intelligence Relay

CVE-2012-0204

critical
Published 2013-01-31 · Modified 2026-04-29
CVSS v3
CVSS v2
9.3
VIR risk
9.3

Description

Untrusted search path vulnerability in InfoSphere Import Export Manager 8.1 through 9.1 in InfoSphere Information Server MetaBrokers & Bridges (MBB) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, 8.7, and 9.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@us.ibm.com — http://www-01.ibm.com/support/docview.wss?uid=swg21623501

Application impact
VendorProductVersionsFixed
ibm ibminfosphere_import_export_manager8.1
ibm ibminfosphere_import_export_manager8.1.1
ibm ibminfosphere_import_export_manager8.1.2
ibm ibminfosphere_import_export_manager8.5
ibm ibminfosphere_import_export_manager8.7
ibm ibminfosphere_import_export_manager9.1
ibm ibminfosphere_information_server8.1
ibm ibminfosphere_information_server8.5
ibm ibminfosphere_information_server8.5.0.1
ibm ibminfosphere_information_server8.5.0.2
ibm ibminfosphere_information_server8.7
ibm ibminfosphere_information_server9.1
ibm ibminfosphere_information_server_metabrokers_\&_bridges-

References

Verify integrity in audit chain (admin only). AS-IS.